1. user field silently truncates usernames longer than 20 chars
2. failed logins don't produce error messages; they simply reload the page
3. passwords are unencrypted in db; could use mysql password() function